Register a domain and help support LQ
Go Back > Forums > Linux Forums > Linux - Distributions > Slackware
User Name
Slackware This Forum is for the discussion of Slackware Linux.


  Search this Thread
Old 01-26-2004, 07:12 AM   #1
LQ Newbie
Registered: Jan 2004
Posts: 8

Rep: Reputation: 0
Problem with Arno's IPTables ruleset?

I just installed Slackware 9.1. First order of business was to get the firewall up so that I could get online. I found a ruleset written by someone named Arno at simplylinux dot punted dot net. (It's my first post. Evidently I'm not allowed to use URLs until the fifth post. Anywho...) Apparently, it's reasonably widely used.

It looks pretty comprehensive, although I haven't had the chance to go over the rules in detail, but I did notice one problem that I thought should be pointed out. The first rule in the INPUT chain is supposed to accept all packets originating from the loopback interface. It comes from the following line in the rc.iptables script:


However, apparently my system didn't recognize "lo" (I'm guessing), and the first rule in my INPUT chain ended up accepting all packets from all sources regardless of protocol. Not much of a firewall, that. Once I changed the rule to read


it worked as expected.
Old 01-26-2004, 10:06 AM   #2
Senior Member
Registered: Feb 2002
Location: Szczecin, Poland
Distribution: Gentoo, Debian
Posts: 2,458

Rep: Reputation: 48
Actually, that rule means ACCEPT everything coming in on lo interface, regardless of where it came from...

So, yes it's an open ACCEPT...

It should read: $IPTABLES -A INPUT -i lo -s -j ACCEPT


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off

Similar Threads
Thread Thread Starter Forum Replies Last Post
Iptables with iptables-firewall.conf arno's matt3333 Slackware 16 06-28-2007 08:20 AM
Stealth iptables ruleset Mux Linux - Security 10 02-21-2007 03:54 AM
iptables ruleset for nameserver DaveL Linux - Newbie 4 01-07-2003 01:11 AM
Iptables ruleset Paul_assheton Linux - Networking 1 08-31-2002 08:01 AM
Iptables ruleset Kinstonian Linux - Security 1 04-04-2002 03:58 AM

All times are GMT -5. The time now is 05:33 PM.

Main Menu
Write for LQ is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
Facebook: linuxquestions Google+: linuxquestions
Open Source Consulting | Domain Registration